WE CLAIM:

1. A method of providing dynamic Quality of Service
(QoS) treatment of data traffic within a secure
Virtual Private Network (VPN) tunnel, the method 
comprising the steps of: 

a) querying a policy database to obtain QoS 
information concerning a desired QoS treatment 
for data traffic within the VPN tunnel; 

b) forwarding the QoS information through the VPN 
tunnel to a VPN gateway at an opposite end of the 
VPN Tunnel; and 

c) attaching a QoS marker based on the QoS 
information to the data traffic within the VPN 
tunnel.

2. A method as claimed in claim 1, wherein the QoS 
information obtained from the policy database 
comprises the QoS marker.

3. A method as claimed in claim 1, wherein the QoS
information obtained from the policy database 
comprises Tspec and Rspec parameters indicative of 
the desired QoS treatment. 

4. A method as claimed in claim 3, wherein the step of 
attaching a QoS marker comprises the steps of: 

a) mapping the Tspec and Rspec parameters to the QoS 
marker; and 

b) inserting the QoS marker into a predetermined 
field of a header portion of the data traffic 
within the VPN tunnel. 

5. A method as claimed in claim 4, wherein the QoS
marker is a Differentiated Services Code Point (DSCP)
value.

6. A method as claimed in claim 1, wherein the step of
obtaining an indication of a QoS treatment further
comprises the steps of:

a) obtaining, from a customer, an indication of a
desired QoS treatment;

b) confirming an availability of the desired QoS
treatment; and

c) if the desired QoS treatment is available,
updating the policy database with information
respecting the desired QoS treatment.

7. A method as claimed in claim 6, wherein the step of
confirming an availability of the desired QoS
treatment comprises any one or more of the steps of:

a) determining whether or not the VPN tunnel has
sufficient available bandwidth to support the
desired QoS; and

b) comparing the desired QoS to a Service Level
Agreement (SLA).

8. A method as claimed in claim 1, wherein the step of
querying the policy database is performed at a start
of the communications session.

9. A method as claimed in claim 8, wherein the step of
querying the policy database is performed in response
to a session initiation message received from the
customer.

10. A method as claimed in claim 1, wherein the step of
querying the policy database is performed during the 
communications session.

11. A method as claimed in claim 10, wherein the step of 
querying the policy database is performed at 
predetermined intervals during the communications 
session.

12. A method as claimed in claim 10, wherein the step of 
querying the policy database is performed in response 
to a query request from either one of the customer 
and a service provider. 

13. A method as claimed in claim 10, wherein the step of
querying the policy database is performed in response 
to a change in the information respecting QoS 
treatment stored in the policy database. 

14. A method as claimed in claim 1, further comprising a 
step of notifying a service provider of the indicated 
QoS treatment. 

15. A method as claimed in claim 14, wherein the step of 
notifying the service provider is performed at a 
start of the communications session. 

16. A method as claimed in claim 14, wherein the step of 
notifying the service provider is performed in 
response to a change in the indicated QoS treatment. 

17. A VPN gateway adapted to provide dynamic QoS 
treatment of data traffic within a secure VPN tunnel, 
the gateway comprising: 

a) means for querying a policy database to obtain
QoS information concerning a desired QoS 
treatment for data traffic within the VPN tunnel; 

b) means for forwarding the QoS information through 
the VPN tunnel to a VPN gateway at an opposite 
end of the VPN Tunnel; and 

c) means for attaching a QoS marker based on the QoS 
information to the data traffic within the VPN 
tunnel.


18. A VPN gateway as claimed in claim 17, wherein the QoS 
information obtained from the policy database 
comprises the QoS marker. 

19. A VPN gateway as claimed in claim 17, wherein the QoS 
information obtained from the policy database 
comprises Tspec and Rspec parameters indicative of 
the desired QoS treatment. 

20. A VPN gateway as claimed in claim 19, wherein the 
means for attaching a QoS marker comprises: 

a) means for mapping the Tspec and Rspec parameters 
to the QoS marker; and 

b) means for inserting the QoS marker into a 
predetermined field of a header portion of the
data traffic within the VPN tunnel. 

21. A VPN gateway as claimed in claim 20, wherein the QoS 
marker is a Differentiated Services Code Point (DSCP) 
value.

22. A VPN gateway as claimed in claim 11, further
comprising means for receiving a QoS request message 
indicative of the desired QoS treatment. 

23. A VPN gateway as claimed in claim 17, wherein the
means for forwarding the QoS information through the 
VPN tunnel comprises: 

a) a policy update message adapted to convey the QoS 
information through the VPN tunnel; and 

b) means for inserting the QoS information into a 
payload portion of the policy update message. 

24. A VPN gateway as claimed in claim 23, wherein the
policy update message is an ISAKMP/IKE message having
a predetermined unique "Next Payload" type.

25. A VPN gateway as claimed in claim 17, wherein the 
policy database is queried at a start of the 
communications session.

26. A VPN gateway as claimed in claim 25, wherein the
means for querying the policy database is responsive
to a session initiation message received from the
customer.

27. A VPN gateway as claimed in claim 17, wherein the
policy database is queried during the communications
session.

28. A VPN gateway as claimed in claim 27, wherein the
policy database is queried at predetermined intervals 
during the communications session. 

29. A VPN gateway as claimed in claim 21, wherein the
means for querying the policy database is responsive
to a query request from either one of the customer
and a service provider.

30. A VPN gateway as claimed in claim 21, wherein the
means for querying the policy database is responsive
to a change in the information respecting QoS
treatment stored in the policy database.

31. A VPN gateway as claimed in claim 11, further
comprising means for notifying a service provider of
the indicated QoS treatment.

32. A VPN gateway as claimed in claim 31, wherein the
means for notifying the service provider is adapted
to send a notification message to the service
provider at a start of the communications session.

33. A VPN gateway as claimed in claim 31, wherein the
means for notifying the service provider is adapted
to send a notification message to the service
provider in response to a change in the indicated QoS
treatment.


